Malwared | Backdoor Access Machine Farmer
15748
portfolio_page-template-default,single,single-portfolio_page,postid-15748,woocommerce-no-js,ajax_fade,page_not_loaded,,columns-4,qode-child-theme-ver-1.0.0,qode-theme-ver-16.7,qode-theme-bridge,transparent_content,disabled_footer_bottom,wpb-js-composer js-comp-ver-5.5.2,vc_responsive
 

Backdoor Access Machine Farmer

Category
Open-Source, Python, Security
About This Project

BAMF (Backdoor Access Machine Farmer) is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover vulnerable routers, then utilize detected backdoors/vulnerabilities to remotely access the router administration panel and modify the DNS server settings.

Changing the primary DNS server of a router hijacks the domain name resolution process, enabling an attacker to target every device on the network simultaneously to spread malware with drive-by downloads and harvest credentials via malicious redirects to fraudulent phishing sites.

Currently the only vulnerability detected and exploited is CVE-2013-6026, commonly known as Joel’s Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world’s largest manufacturers of routers for home and business.

This project is still under development and will soon have a more modular design, making it easier for other developers to add detection & exploitation features for other vulnerabilities.